Login with auth0 user in Meteor app using custom form

mspi · March 18, 2016, 1:14am

In our Meteor app, we currently use the accounts-base package which allows us to register and login user stored in the MongoDB. Also we can use the Accounts API throughout the application which is quiet handy.

So now, our backend team is creating an Identity Service for logging into multiple of our products. They have chosen Auth0 as there provider for registering the users.

So now when I submit my login form in my app, instead of of using Meteor.loginWithPassword I need to call the oath/ro endpoint of the app I registered in Auth0.

POST https://tet.au.auth0.com/oauth/ro
Content-Type: 'application/json'
{
  "client_id":   "fdsfdsse4324242dsffs", // testapp
  "username":    "",
  "password":    "", 
  "id_token":    "",
  "connection":  "",
  "grant_type":  "",
  "scope":       "",
  "device":      ""
}

Docs: https://auth0.com/docs/auth-api#!#get--authorize_db

Using the sandbox of oauth, I can login. But I have no idea how to merge this into Meteor.
I have found the auth0-lock package in Meteor’s Atmosphere, but this seems to force you to use their login form. That is not our requirement.

I have been reading on this blog https://themeteorchef.com/recipes/roll-your-own-authentication/#tmc-setting-up-oauth-services about oAuth and setting up your own.

However, this confuses me even more because this is using oAuth like Google or github.

What I want is have control over the login and register form, and login or create a user in auth0.
I expect some kind of Meteor.loginWithPassword where I can point to a service that will call the https://test.au.auth0.com/oauth/ro call with username and password and on success store the token and set user in Meteor to logged in.

How do I do this, I have been googling for hours now and almost all examples are oauth and not using this identity provider.

Help!

lai · March 18, 2016, 4:14am

I haven’t used auth0 but here are some good resources: Meteor Guide: Users and Accounts

maxhodges · July 5, 2016, 8:11am

he was asking about Auth0. 0Auth is something different!

mspi · August 19, 2016, 8:04am

We did figure out how to connect the Accounts package to Auth0.
So if anyone wants to know, give a shout!

maxhodges · August 19, 2016, 8:17am

hi @mspi Auth0 is looking for a Meteor dev to create a new quickstart for them. Let me know if you are interested and I’ll put you in touch.

mspi · August 20, 2016, 4:45am

I will check with our team about sharing our finding. We use it in proprietary software but since it is based on open source I assume can share this too.

hoggy · August 23, 2016, 1:16am

Id be interested in this thanks.

awatson1978 · August 23, 2016, 1:22am

Yes! Please! The Auth0 security hole and subsequent package revokation put a curveball in our entire project schedule.

Any chance your solution uses the npm auth0-js or auth0-lock packages? We had some success in getting them installed with our app; but not in connecting it with the accounts infrastructure.

mspi · August 23, 2016, 2:44am

Okay, I checked with our CTO and we are happy to share our solution.
I will write a little tester app in my own time and I can share the git repo with you.
Is that okay?

BigDSK · August 23, 2016, 9:42pm

I’d also love to see your example. I’m just about to begin tackling integration.

mspi · August 24, 2016, 5:34am

okay, I put an example together this weekend. It will be a git repo of an example project.

mspi · August 27, 2016, 10:53am

@maxhodges
@awatson1978
@BigDSK
@hoggy

Okay people,

I have put together a Meteor App that will demonstrate the Auth0 integration our team put together.
It is done in a simple Blaze project.

I hope it is self explanatory and helpfull, if not let me know.

Good luck!

awatson1978 · August 27, 2016, 2:55pm

You’re awesome! Our team will be looking at this all week. THANK YOU!!!

hoggy · August 28, 2016, 1:31pm

Thank you, great work

maxhodges · August 30, 2016, 12:34pm

Thanks! We integrated Auth0 here in React with lots of advanced features like custom login forms and custom fields. I’ll see what it would take to create a demo repo. I say “we” but it was most entirely the effort of @wallslide

awatson1978 · August 30, 2016, 2:15pm

That was the next thing I was going to ask about! Count me in as being interested in seeing an Auth0/React demo!

maxhodges · August 30, 2016, 2:43pm

@mspi It might be more discoverable on github. I’m happy to host it under my org account, can give you admin privileges if you’d like to host it on Github. But I think it’s still free for public projects anyway

mspi · September 1, 2016, 12:43am

@maxhodges I think we want to setup a company github page where we want to
share stuff. I just put it under our companies bitbucket to be able share
it quickly as I promised. I don’t want to take credit for the code since it
was a team effort.

kmaida · September 13, 2016, 2:35am

@mspi Hello! I’m a Technical Writer engineer at Auth0 and I’d love to use your sample repo as a reference to help construct an article on integrating Auth0 with Meteor for our blog (http://auth0.com/blog). Please let me know if this is alright with you, and if so, how you’d like your company credited in the article! If you grant permission for us to share your sample repo with our readers, I will also of course share a draft of the article with you prior to publication for your approval. Also, if/when you set up a company GitHub, I’d love to update links in the article appropriately. Please let me know if you’re interested!

mspi · September 13, 2016, 3:25am

Hi Kmaida,

Please go ahead. The sample was made for sharing.
Our company is Prospa Advance Pty Ltd, www.prospa.com.

I will let you know when we have created a company git repo. I’ll probably
do this this week.

Cheers